npm - env-secrets - Versions diffs - 0.3.3 → 0.5.0 - Mend

env-secrets 0.3.3 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/AGENTS.md +12 -3
package/README.md +52 -8
package/__e2e__/README.md +2 -5
package/__e2e__/index.test.ts +341 -2
package/__e2e__/utils/test-utils.ts +61 -1
package/__tests__/cli/helpers.test.ts +217 -0
package/__tests__/vaults/aws-config.test.ts +85 -0
package/__tests__/vaults/secretsmanager-admin.test.ts +355 -0
package/dist/cli/helpers.js +172 -0
package/dist/index.js +456 -2
package/dist/vaults/aws-config.js +29 -0
package/dist/vaults/secretsmanager-admin.js +273 -0
package/dist/vaults/secretsmanager.js +8 -16
package/docs/AWS.md +129 -2
package/jest.e2e.config.js +1 -0
package/package.json +5 -5
package/src/cli/helpers.ts +239 -0
package/src/index.ts +595 -2
package/src/vaults/aws-config.ts +51 -0
package/src/vaults/secretsmanager-admin.ts +397 -0
package/src/vaults/secretsmanager.ts +8 -21
package/website/docs/cli-reference.mdx +101 -0
package/website/docs/providers/aws-secrets-manager.mdx +59 -0

package/src/cli/helpers.ts ADDED Viewed

@@ -0,0 +1,239 @@
+import { readFile } from 'node:fs/promises';
+export type OutputFormat = 'json' | 'table';
+export interface AwsScopeOptions {
+  profile?: string;
+  region?: string;
+}
+export interface EnvSecretEntry {
+  key: string;
+  value: string;
+  line: number;
+}
+export interface ParsedEnvSecrets {
+  entries: EnvSecretEntry[];
+  skipped: Array<{ key: string; line: number; reason: string }>;
+}
+interface CommandLikeWithGlobalOpts {
+  optsWithGlobals?: () => Record<string, unknown>;
+}
+export const asOutputFormat = (value: string): OutputFormat => {
+  if (value !== 'json' && value !== 'table') {
+    throw new Error(`Invalid output format "${value}". Use "json" or "table".`);
+  }
+  return value;
+};
+export const renderTable = (
+  headers: Array<{ key: string; label: string }>,
+  rows: Array<Record<string, string | undefined>>
+) => {
+  if (rows.length === 0) {
+    return 'No results.';
+  }
+  const widths = headers.map((header) => {
+    return Math.max(
+      header.label.length,
+      ...rows.map((row) => String(row[header.key] || '').length)
+    );
+  });
+  const headerLine = headers
+    .map((header, index) => header.label.padEnd(widths[index]))
+    .join('  ');
+  const divider = headers
+    .map((_, index) => '-'.repeat(widths[index]))
+    .join('  ');
+  const lines = rows.map((row) =>
+    headers
+      .map((header, index) =>
+        String(row[header.key] || '').padEnd(widths[index])
+      )
+      .join('  ')
+  );
+  return [headerLine, divider, ...lines].join('\n');
+};
+export const printData = (
+  format: OutputFormat,
+  headers: Array<{ key: string; label: string }>,
+  rows: Array<Record<string, string | undefined>>
+) => {
+  if (format === 'json') {
+    // eslint-disable-next-line no-console
+    console.log(JSON.stringify(rows, null, 2));
+    return;
+  }
+  // eslint-disable-next-line no-console
+  console.log(renderTable(headers, rows));
+};
+export const parseRecoveryDays = (value: string) => {
+  const parsed = Number(value);
+  if (!Number.isInteger(parsed) || parsed < 7 || parsed > 30) {
+    throw new Error('Recovery days must be an integer between 7 and 30.');
+  }
+  return parsed;
+};
+export const readStdin = async (stdin: NodeJS.ReadStream = process.stdin) => {
+  const chunks: Buffer[] = [];
+  return await new Promise<string>((resolve, reject) => {
+    const onData = (chunk: Buffer) => {
+      chunks.push(chunk);
+    };
+    const onEnd = () => {
+      cleanup();
+      resolve(
+        Buffer.concat(chunks)
+          .toString('utf8')
+          .replace(/\r?\n$/, '')
+      );
+    };
+    const onError = (error: Error) => {
+      cleanup();
+      reject(error);
+    };
+    const cleanup = () => {
+      stdin.off('data', onData);
+      stdin.off('end', onEnd);
+      stdin.off('error', onError);
+    };
+    stdin.on('data', onData);
+    stdin.once('end', onEnd);
+    stdin.once('error', onError);
+  });
+};
+export const resolveSecretValue = async (
+  value?: string,
+  valueStdin?: boolean,
+  valueFile?: string
+): Promise<string | undefined> => {
+  const providedSources = [
+    value !== undefined,
+    valueStdin === true,
+    valueFile !== undefined
+  ].filter(Boolean).length;
+  if (providedSources > 1) {
+    throw new Error(
+      'Use only one secret value source: --value, --value-stdin, or --file.'
+    );
+  }
+  if (valueStdin) {
+    if (process.stdin.isTTY) {
+      throw new Error(
+        'No stdin detected. Pipe a value when using --value-stdin.'
+      );
+    }
+    return await readStdin();
+  }
+  if (valueFile) {
+    const content = await readFile(valueFile, 'utf8');
+    return content.replace(/\r?\n$/, '');
+  }
+  return value;
+};
+const parseEnvLine = (
+  line: string,
+  lineNumber: number
+): { key: string; value: string } | undefined => {
+  const trimmed = line.trim();
+  if (!trimmed || trimmed.startsWith('#')) {
+    return undefined;
+  }
+  const candidate = trimmed.startsWith('export ')
+    ? trimmed.slice('export '.length).trimStart()
+    : trimmed;
+  const separatorIndex = candidate.indexOf('=');
+  if (separatorIndex <= 0) {
+    throw new Error(
+      `Malformed env line ${lineNumber}. Expected KEY=value or export KEY=value.`
+    );
+  }
+  const key = candidate.slice(0, separatorIndex).trim();
+  const value = candidate.slice(separatorIndex + 1).trim();
+  if (!key) {
+    throw new Error(
+      `Malformed env line ${lineNumber}. Expected KEY=value or export KEY=value.`
+    );
+  }
+  return { key, value };
+};
+export const parseEnvSecrets = (content: string): ParsedEnvSecrets => {
+  const seenKeys = new Set<string>();
+  const entries: EnvSecretEntry[] = [];
+  const skipped: Array<{ key: string; line: number; reason: string }> = [];
+  const lines = content.split(/\r?\n/);
+  for (let index = 0; index < lines.length; index += 1) {
+    const parsed = parseEnvLine(lines[index], index + 1);
+    if (!parsed) {
+      continue;
+    }
+    if (seenKeys.has(parsed.key)) {
+      skipped.push({
+        key: parsed.key,
+        line: index + 1,
+        reason: 'duplicate key'
+      });
+      continue;
+    }
+    seenKeys.add(parsed.key);
+    entries.push({
+      key: parsed.key,
+      value: parsed.value,
+      line: index + 1
+    });
+  }
+  return { entries, skipped };
+};
+export const parseEnvSecretsFile = async (
+  path: string
+): Promise<ParsedEnvSecrets> => {
+  const content = await readFile(path, 'utf8');
+  return parseEnvSecrets(content);
+};
+export const resolveAwsScope = (
+  options: AwsScopeOptions,
+  command?: CommandLikeWithGlobalOpts
+): AwsScopeOptions => {
+  const globalOptions = command?.optsWithGlobals?.() || {};
+  const profile =
+    options.profile ||
+    (typeof globalOptions.profile === 'string'
+      ? globalOptions.profile
+      : undefined);
+  const region =
+    options.region ||
+    (typeof globalOptions.region === 'string'
+      ? globalOptions.region
+      : undefined);
+  return { profile, region };
+};